XML Parsing to get the certificate

44 views
Skip to first unread message

Pardhasaradhi Patta

unread,
Mar 26, 2019, 4:46:27 PM3/26/19
to Vault
Hi Team, 

My third party RootCA returns the below XML response after signing the certificate.

<Response xmlns="urn:symantec:api"> <StatusCode>0x00</StatusCode> <Message>success</Message> <transaction_id>983c1ba8d743ab5616051d4ff3</transaction_id> 
<Certificate> -----BEGIN CERTIFICATE----- 2aqMj1qYBueyV/lx7py5lvEE+4FL/vRRO1qT...... -----END CERTIFICATE----- </Certificate> </Response>

Would it possible to parse this and store in Vault PKI backend ? What would be the better approach? 

Thanks
Partha

Nathan Hruby

unread,
Mar 26, 2019, 5:37:08 PM3/26/19
to vault...@googlegroups.com
Hey Partha,

The easiest way to parse that would be with a XML parsing tool to extract the certificte and then passing that to vault/

https://github.com/kislyuk/yq has such a tool that makes the workflow similar to using jq with JSON.  Here's an example session using your previous XML response data:

[nhruby@lap ~]$ cat root-ca-example.xml
<Response xmlns="urn:symantec:api"> <StatusCode>0x00</StatusCode> <Message>success</Message> <transaction_id>983c1ba8d743ab5616051d4ff3</transaction_id>
<Certificate> -----BEGIN CERTIFICATE----- 2aqMj1qYBueyV/lx7py5lvEE+4FL/vRRO1qT...... -----END CERTIFICATE----- </Certificate> </Response>
[nhruby@lap ~]$ xq < root-ca-example.xml .
{
  "Response": {
    "@xmlns": "urn:symantec:api",
    "StatusCode": "0x00",
    "Message": "success",
    "transaction_id": "983c1ba8d743ab5616051d4ff3",
    "Certificate": "-----BEGIN CERTIFICATE----- 2aqMj1qYBueyV/lx7py5lvEE+4FL/vRRO1qT...... -----END CERTIFICATE-----"
  }
}
[nhruby@lap ~]$ xq < root-ca-example.xml .Response.Certificate
"-----BEGIN CERTIFICATE----- 2aqMj1qYBueyV/lx7py5lvEE+4FL/vRRO1qT...... -----END CERTIFICATE-----"
[nhruby@lap ~]$

HTH,

-n
--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/hashicorp/vault/issues
IRC: #vault-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Vault" group.
To unsubscribe from this group and stop receiving emails from it, send an email to vault-tool+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/vault-tool/385335c6-3471-4b41-9393-ae22d67f17e5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


--

Pardhasaradhi Patta

unread,
Mar 26, 2019, 5:42:58 PM3/26/19
to Vault
This makes my job easy. Thanks Natan!!
Reply all
Reply to author
Forward
0 new messages